#VU45439 Input validation error in pcsc-lite - CVE-2010-4530

Cybersecurity Help s.r.o.

Published: 2011-01-18 | Updated: 2020-08-11

Vulnerability identifier: #VU45439

Vulnerability risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2010-4530

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
pcsc-lite
Other software / Other software solutions

Vendor: pcsclite.apdu.fr

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.

Mitigation
Install update from vendor's website.

Vulnerable software versions

pcsc-lite: 1.5.3

External links
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
https://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-libccid-buffer-overflow_2010-12-13.pdf
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053076.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053097.html
https://rhn.redhat.com/errata/RHSA-2013-1323.html
https://www.mandriva.com/security/advisories?name=MDVSA-2011:014
https://www.openwall.com/lists/oss-security/2010/12/22/7
https://www.openwall.com/lists/oss-security/2011/01/03/3
https://www.securityfocus.com/bid/45806
https://www.vupen.com/english/advisories/2011/0100
https://www.vupen.com/english/advisories/2011/0179
https://bugzilla.redhat.com/show_bug.cgi?id=664986
https://exchange.xforce.ibmcloud.com/vulnerabilities/64961

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for CCID

Multiple vulnerabilities in pcsclite.apdu.fr pcsc-lite